[Mailman-Users] How to protect list archives?
Chris Waltham
cwaltham at bowdoin.edu
Tue Aug 14 15:00:45 CEST 2007
On Aug 13, 2007, at 6:25 PM, Brad Knowles wrote:
> On 8/13/07, Chris Waltham wrote:
>
>> Is there a relatively straightforward mechanism to protecting list
>> archives from prying eyes? From what I can tell, anyone that can
>> guess the URL of the archives (e.g. www.foo.org/pipermail/listname)
>> can view the archives of the list, even if they're not a subscriber
>> to the list.
>
> Make the archives private, and only subscribers will be able to log
> in and see it. This is independent of whether or not the list
> itself is advertised or not.
Thanks Brad, I got this suggestion privately right about the same
time you sent this one. :-)
>
>> Rather than make a .htaccess file for each list, or even disable
>> archives altogether, what can I do to secure this? This is with
>> mailman-2.1.9, built-in pipermail on RHEL 4. I have ~ 830 lists with
>> a couple hundred messages per list, on average.
>
> You shouldn't need to do anything unusual here. For a single list,
> you should be able to go to the web admin page for the list, then
> go down to the "Archiving Options" section, and click the radio
> button to make the archives private as opposed to public, then
> click the button at the bottom which says "Submit Your Changes".
>
> Now, for automating this for ~830 lists, you'll probably want to do
> that using a "withlist" script and a bit of Python code.
I'll try searching the archives to see if there's a command to do
what I want, otherwise I could just input and output some config
files and run sed over them ;-)
Chris
More information about the Mailman-Users
mailing list